WO2008110049A1 - Système et procédé de prévention de fraude au moyen d'un paramètre de message d'indication - Google Patents

Système et procédé de prévention de fraude au moyen d'un paramètre de message d'indication Download PDF

Info

Publication number
WO2008110049A1
WO2008110049A1 PCT/CN2007/003695 CN2007003695W WO2008110049A1 WO 2008110049 A1 WO2008110049 A1 WO 2008110049A1 CN 2007003695 W CN2007003695 W CN 2007003695W WO 2008110049 A1 WO2008110049 A1 WO 2008110049A1
Authority
WO
WIPO (PCT)
Prior art keywords
parameter
terminal
message
refer
request message
Prior art date
Application number
PCT/CN2007/003695
Other languages
English (en)
Chinese (zh)
Inventor
Min Shen
Lu Zhang
Original Assignee
Zte Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zte Corporation filed Critical Zte Corporation
Publication of WO2008110049A1 publication Critical patent/WO2008110049A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Definitions

  • the present invention relates to the field of communications, and in particular, to a method and system for preventing fraudulent use of REFER (indication) related messages by a user in a Next Generation Network (NGN).
  • NTN Next Generation Network
  • the Initial Session Protocol (SIP) is adopted as the service control protocol, and each communication service can be set by the user's intelligent terminal and the network by the operator.
  • the application server (AS) is completed.
  • a 1 is a typical service implementation architecture in a next generation network, in which an application server (AS) (there may be multiple, respectively for different services) through the interface with the user's home network service - call session control function entity ( S-CSCF) is connected, and the SIP service control message (identified by the dotted line) between the user terminal A and the user terminal B flows through the proxy-call session control function entity (P-CSCF) and the home network in the respective visited networks.
  • the service-call session control function entity (S-CSCF) and the application server may pass through different application servers according to the type of user service), and the application server can implement rich services by various processing of service control messages.
  • the user terminal A and the user terminal B exchange and negotiate the media parameters supported by the silent party, and establish a media stream connection (identified by a solid line) between the two, and the media stream is used for transmitting data such as a voice packet.
  • REFER indication
  • its role is as follows: User B sends a REFER message to User A, carrying the main parameters are Refer-To (indicating three-way user C) and method (indicating a Method): User A initiates an operation request to user C according to the message (using the method indicated by the method parameter, such as INVITE - inviting the other party, MESSAGE - sending information to the other party), and carrying a parameter Referred in these operation request messages -By, the indicator used to identify this operation request (ie user B).
  • the method parameter such as INVITE - inviting the other party, MESSAGE - sending information to the other party
  • REFER messages can be used to implement services such as call forwarding, conferencing, and the like.
  • FIG. 2 is a typical call forwarding business process.
  • the proxy is omitted from this figure.
  • - Network devices such as call session control function entity, service-call session control function entity.
  • user terminal-A user A
  • application server of application terminal-A application server-A
  • application server of user terminal-B Application Server-B
  • the user terminal-B sets the user terminal-A to the call hold state (ie, the service messages can communicate, but the media stream is temporarily interrupted);
  • the user terminal-B sends a transfer request to the user terminal-A through the application server-A (steps 1 to 3) (the transfer request uses the REFER message, the Refer-To parameter is the user C number, and the method parameter is INVITE).
  • the user terminal-A After the user terminal-A indicates accepting the request (steps 4-6), the user terminal-B sends an on-hook request to the user terminal-A, disconnecting the call channel between the two (steps 7-12); then the user terminal -A sends an invite request to the user terminal -C (user C) (this transfer request uses an INVITE message, which carries the Preferred-By parameter as the user B number), and establishes a call between the user terminal-A and the user terminal-C ( Steps 13 ⁇ 21 ).
  • the Referred-By parameter in the INVITE message can have the following effects:
  • the user terminal C may prompt the user C: the call is made by user B for user A; user C may decide whether to answer according to the information. .
  • user C generally does not answer incoming calls from strangers.
  • User C does not know user A, but user C is familiar with user B.
  • User C listens to user A's incoming calls with confidence in user B.
  • the operator can record the call charge between User A and User C on User B's account according to the Referred-By parameter in the INVITE message.
  • An application scenario is as follows: User A dials a service center of a manufacturer, and the receptionist of the after-sales service center sends a REFER message to user A, so that user A establishes a call with a certain technical personnel (user C) of the manufacturer. To further deal with the problem, the after-sales monthly service center will bear the cost of the call between User A and User C to improve customer satisfaction.
  • a loophole in the above process is: User A can fill in the Referred-By parameter for User B at any time when sending an INVITE request to User C. In fact, if User B has not sent a REFER message to User A, or The user B sends a REFER message to the user A to instruct the user A to dial another user D. Alternatively, the user B has instructed the user A to dial the user C, and the user A has dialed the user C once according to the instruction. This can cause serious problems as follows: 1) User C is misled, and will mistakenly believe that this call is made by User B for User A to dial;
  • the technical problem to be solved by the present invention is to provide a system and method for preventing fraudulent use of indication message parameters to prevent users from using the Referred-By parameter to implement fraud.
  • the present invention provides a method for preventing fraud by using an indication message parameter, including:
  • the application server After receiving the REFER message sent to the terminal, the application server records the parameter information in the REFER message, and forwards the REFER message to the destination terminal;
  • the application server After receiving the request message with the Referred-By parameter sent by the terminal, the application server searches for the record according to the terminal identifier and the Referred-By parameter of the sent message, and determines whether the terminal has the right to send the parameter with the Preferred-By parameter.
  • the request message is forwarded to the message destination terminal only when the terminal has the right to send the request message.
  • the recorded REFER parameter information includes a REFER message originating terminal identifier, a destination terminal identifier, and a Refer-To parameter content and a method parameter content in the REFER message.
  • the terminal is considered to have no right to send the request message with the Preferred-By parameter, and the rejection response is returned to the terminal: no matching with the originating terminal identifier and the Referred-By parameter is found. Record; find the record that matches the originating terminal identifier, Referred-By parameter, but the related information in this request message is inconsistent with other parameters in the record.
  • the related information in the current request message is inconsistent with other parameters in the record, and refers to one or more of the following situations: a request message with a Preferred-By parameter sent by the terminal
  • the type of the request is inconsistent with the content of the method parameter of the REFER message in the record
  • the destination address of the request message with the Preferred-By parameter sent by the terminal is inconsistent with the content of the Refer-To parameter of the REFER message in the record.
  • the recorded REFER parameter information further includes timestamp information when the REFER message is received; the application server, after receiving the request message with the Preferred-By parameter sent by the terminal, finds and initiates the terminal identifier, Referred If the timestamp and the current time interval exceed the allowable range, the terminal is considered to have no right to send the request message with the Preferred-By parameter, and the application server sends the request message to the terminal. Returns a rejection response.
  • the application server periodically checks the record, and clears the record with the timestamp and the current time interval beyond the allowable range.
  • the application server records the corresponding record in the corresponding record while forwarding the message to the destination terminal, indicating that the user has been queried according to the REFER message.
  • a request message with a corresponding Preferred-By parameter is sent once; after receiving the request message with the Preferred-By parameter sent by the terminal, the application server finds a record that matches the originating terminal identifier and the Referred-By parameter.
  • the record indicates that the user has sent a request with the corresponding Preferred-By parameter according to the REFER message, and the terminal is considered to have no right to send the request message with the Preferred-By parameter, and the application server sends the request message to the terminal. Return 4 huge responses.
  • the clearing record indicates that the user has sent the request according to the REFER message once.
  • the present invention further provides a system for preventing fraud by using an indication message parameter, which is applicable to an IP multimedia subsystem, and is characterized in that an application server is set in a user home network to be sent to the terminal. Instructing the REFER message to reach the application server first, and the request message with the Preferred-By parameter sent by the terminal first arrives at the application server, where the application server is configured to record the REFER message after receiving the indication REFER message addressed to the terminal.
  • Parameter information in, and forwarding the REFER message to the destination terminal After receiving the request message with the Preferred-By parameter sent by the terminal, determining, according to the terminal identifier and the Referred-By parameter of the sending the message, whether the terminal has the right to send the parameter with the Preferred-By The request message, if the terminal has the right to send the request message, forward the request message to the clearing message destination terminal.
  • the REFER parameter information recorded by the application server includes an EFER message originating terminal identifier, a destination terminal identifier, and a Refer-To parameter content and a method parameter content in the REFER message;
  • the application server considers that the terminal does not have the right to send the request message with the Preferred-By parameter, and returns a rejection response to the terminal: no matching with the originating terminal identifier, Referred-By parameter is found.
  • the parameter inconsistency refers to one or more of the following conditions: The type of the request message with the Preferred-By parameter sent by the terminal is inconsistent with the content of the method parameter of the REFER message in the record; the request sent by the terminal with the Preferred-By parameter The destination address of the message does not match the content of the Refer-To parameter of the REFER message in the record.
  • the invention analyzes the REFER related message of the user by setting the application server, so as to prevent the user from using the Referred-By parameter to perform fraud, and ensure the security and reliability of the related service.
  • Figure 1 is a diagram of a typical service implementation architecture in a next generation network
  • FIG. 2 is a flow chart of a typical call forwarding service
  • FIG. 3 is a flowchart of processing a REFER request according to an embodiment of the present invention
  • FIG. 4 is a flow chart showing the processing of the request message with the Referred-By parameter by the application server S in the embodiment of the present invention.
  • an operator provides an application server for a user to provide various services.
  • the terminal used by the user may not follow the protocol, and the falsification of the message is untrustworthy, but the application server is provided by the operator and is trusted. Therefore, the present invention utilizes an application server to detect whether a user strictly follows the REFER indication to perform related operations, and whether there is a fraudulent behavior.
  • the specific implementation method is:
  • the operator sets an application server S for detecting REFER related messages (including REFER requests received by the user, and various request messages sent by the user with Referred-By parameters) in the user home network;
  • the application server S can be set up separately or together with an existing application server.
  • the operator sets a certain message filtering criterion through a certain configuration (for example, the service-call session control function entity of the user home network), to ensure that the user's REFER related message passes the application server S, that is, to the user.
  • the REFER request message will arrive at the application server S first, and then forwarded to the user by the application server S.
  • the various request messages sent by the user with the Preferred-By parameter will first reach the application server S, and then the application server S forwards the message to the destination of the message. ;
  • the message with the Preferred-By parameter sent by the user is generally a SIP request message.
  • the message includes: UPDATA message, INFO message, REGISTER message, BYE message, ACK message, OPTIONS message, CANCEL message, REFER Messages, etc. From the protocol itself, these SIP requests can be generated by REFER, but are rarely used in practice.
  • the application server S analyzes the REFER request sent to the user, records the REFER originating terminal identifier, the destination terminal identifier, the Refer-To, the method parameter in the REFER message, and the like, and forwards the REFER request to the user;
  • these parameters can be recorded on the server or recorded by a dedicated database.
  • the application server S After receiving the various request messages with the Preferred-By parameter sent by the user, the application server S retrieves the local record according to the terminal identifier and the Preferred-By parameter, and checks whether the user has received the request. Whether the relevant REFER request and related parameters in the REFER are consistent with the parameters in the request message;
  • the source address of the request message with the Refered-By parameter is the destination address of the EFER message, that is, whether the terminal identifiers are the same;
  • the terminal identifier in the Refered-By parameter in the request message with the Refered-By parameter is consistent with the initiator terminal identifier of the REFER message.
  • the application server S will return a rejection response to the user in the following cases:
  • the application server S does not find the corresponding local i record (that is, the record of the REFER message that matches the user identifier, Referred-By parameter);
  • the application server S finds the corresponding local record, but some parameters do not match, such as: The type of the request message sent by the user is inconsistent with the method parameter of the REFER message, or the destination of the request message sent by the user and the Refer-To of the REFER message Inconsistent parameters;
  • the application server S also stores the timestamp information (that is, the time when the REFER message is received) when the REFER message is received, then the application server S finds the corresponding local record, but its The timestamp and the current time interval are longer than the allowable range of the operator; d) the application server S finds the corresponding local record, but the record shows that the user has sent a corresponding request according to the REFER message;
  • the application server S will record in the corresponding local record that "the user has sent a request according to this REFER message, and forwards the request message to the destination at the same time.
  • the application server S receives the failure response of the request from the destination, the corresponding local record may be cleared by the user according to the REFER message, so that the user retry to send the request. Message.
  • the application server S also saves the timestamp, it can periodically check the local record, and clear those records whose timestamps are longer than the current time interval (beyond the range allowed by the operator).
  • FIG. 4 is a preferred embodiment of the present invention.
  • the process for transmitting a REFER request includes the following steps: Step Q1: User B sends a REFER request to User A, which carries Refer-To and method. And other parameters;
  • Step Q2 The application server S receives the REFER request before the user A, and creates a record locally, and records the information related to the REFER request, including: the user A identifier, the REFER message parameters, the current timestamp, and the like;
  • Step Q3 the application server S forwards the REFER request to the user A.
  • Step R1 user A sends a request message (such as: INVITE) to user C, which carries the Referred-By parameter;
  • a request message such as: INVITE
  • Step R2 After receiving the request message, the application server S checks the local record, determines whether the request message has fraudulent behavior, and determines whether the request message is allowed.
  • Step R3 if the application server S allows the user A to issue the request message, the "REFER operation has been executed" is identified in the corresponding local record, so that the user A does not issue the same request message multiple times, and then step R5 is performed;
  • Step R4 If the application server S does not allow the user A to send the request message, the user A returns a rejection response, and the process ends, and the request message is not forwarded;
  • Step R5 after step R3, the application server S forwards the request message to the destination of the request message.
  • the solution of the present invention can prevent users from using the Preferred-By parameter for fraud, and ensure the security and reliability of related services.
  • the above is only the preferred embodiment of the present invention, and is not intended to limit the present invention.
  • the present invention may be variously modified and varied, and the scope of the present invention is defined by the claims.
  • the user can prevent the user from using the Referred-By parameter to perform fraud, and ensure the security and reliability of the related service.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé de prévention de fraude au moyen d'un paramètre de message d'indication, comprenant : l'établissement d'un serveur d'application dans un réseau domestique d'un utilisateur, afin qu'un message d'indication REFER envoyé à un terminal arrive au serveur d'application dans un premier temps, et qu'un message de requête arrive au serveur d'application dans un premier temps, ledit message de requête étant transmis depuis le terminal et comprenant un paramètre Référencé-Par (Referred-By) ; après réception par le serveur d'application du message d'indication REFER transmis au terminal, il enregistre les informations de paramètre dans le message REFER, et transmet dans le même temps le message REFER à un terminal de destination ; après réception du message de requête par le serveur d'application qui est transmis depuis le terminal et comprend un paramètre Référencé-Par, il cherche un enregistrement selon une identification du terminal et le paramètre Référencé-Par dans le message, détermine si le terminal est autorisé à envoyer le message de requête comprenant le paramètre Référencé-Par, et uniquement lorsque le terminal est autorisé à envoyer le message de requête, il envoie le message de requête au terminal de destination.
PCT/CN2007/003695 2007-03-14 2007-12-19 Système et procédé de prévention de fraude au moyen d'un paramètre de message d'indication WO2008110049A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2007100868298A CN101267428B (zh) 2007-03-14 2007-03-14 一种指示及其相关消息防欺诈的方法
CN200710086829.8 2007-03-14

Publications (1)

Publication Number Publication Date
WO2008110049A1 true WO2008110049A1 (fr) 2008-09-18

Family

ID=39758989

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/003695 WO2008110049A1 (fr) 2007-03-14 2007-12-19 Système et procédé de prévention de fraude au moyen d'un paramètre de message d'indication

Country Status (2)

Country Link
CN (1) CN101267428B (fr)
WO (1) WO2008110049A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040248600A1 (en) * 2003-02-15 2004-12-09 Duk-Soo Kim Method and system for providing an instant messaging service in a mobile communication network
WO2006074822A1 (fr) * 2005-01-11 2006-07-20 Nokia Corporation Sessions multiparties d'un systeme de communication

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040248600A1 (en) * 2003-02-15 2004-12-09 Duk-Soo Kim Method and system for providing an instant messaging service in a mobile communication network
WO2006074822A1 (fr) * 2005-01-11 2006-07-20 Nokia Corporation Sessions multiparties d'un systeme de communication

Also Published As

Publication number Publication date
CN101267428B (zh) 2012-04-18
CN101267428A (zh) 2008-09-17

Similar Documents

Publication Publication Date Title
US10721276B2 (en) Providing SIP signaling data for third party surveillance
US7702081B1 (en) Call back number provisioning for emergency call services
JP3855909B2 (ja) ポリシ設定可能なピアツーピア通信システム
RU2552907C2 (ru) Законный перехват в сети мультимедийной подсистемы на основе ip-протокола
WO2007098714A1 (fr) Dispositif et procédé de contrôle de session
JP2008508753A (ja) ハイブリッド通信ネットワークにおいて相関手段を提供する方法および装置
US20070127447A1 (en) Session initiation protocol (SIP) based voice over internet protocol (VoIP) system and method of registering SIP terminal therein
WO2008089626A1 (fr) Procédé d'identification d'un appel malveillant
EP2299647B1 (fr) Intégration de nouvelle génération entre différents domaines, à savoir, entreprise et fournisseur de services utilisant des applications de séquençage et d'appairage d'IMS
WO2010091588A1 (fr) Procede et appareil permettant de distinguer plusieurs equipements utilisateur partageant une meme identite utilisateur publique
WO2007112640A1 (fr) Procédé et appareil de remplacement de l'identification de session, serveur d'application et procédé de remplacement de session
EP2301232B1 (fr) Interception légale de trafic support
US8306199B2 (en) Accounting in a transit network
US9030956B2 (en) Method, computer-readable medium, and apparatus for providing different services to different users of an aggregate endpoint in an internet protocol multimedia subsystem (IMS) network
KR102003694B1 (ko) 이동통신시스템에서 세션 설정 방법 및 장치
WO2008080297A1 (fr) Procédé, équipement et système pour mettre en rapport une session
EP2200254B1 (fr) Système de réseau mobile et procédé de fourniture de message de guidage
WO2007093099A1 (fr) Procédé et système pour associer et distinguer la facture à effets dans le domaine de fork
WO2008110049A1 (fr) Système et procédé de prévention de fraude au moyen d'un paramètre de message d'indication
WO2022046169A1 (fr) Procédés, systèmes et supports lisibles par ordinateur pour acheminer des paquets en vue d'une interception légale
KR100608907B1 (ko) 3gpp ims망에서 화상 통화 내용 기록 방법 및 시스템
JP2011071853A (ja) Ip電話システム、通話内容記録装置および通話方法
KR100907612B1 (ko) 아이피 멀티미디어 서브시스템에서 세션 종료 후의 과금처리 방법 및 시스템
KR102094206B1 (ko) 음성호 서비스 전환 시스템, 게이트웨이장치 및 서비스전환장치 그리고 그 장치의 동작 방법
Sterman Real-time billing in sip

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07855722

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07855722

Country of ref document: EP

Kind code of ref document: A1